Real-time check/logging on which application gets launched
Posted: Tue Feb 03, 2004 11:35 pm
by dell_jockey
Hi Group,
for a software license management application, I need to write a utility that detects in real-time which application gets launched by the OS, either from the GUI or from the CMD-shell (or any other shell for that matter). It's not just a matter of knowing which application is installed on a workstation; actual usage needs to be logged.
Since there are currently many applications in the portfolio, writing a simple logging wrapper for each exe is way too much work. Rather I was hoping to use the Win32 API somehow and have the OS tell me what is happening when.
How could I solve this challenge?
Thanks for any hints you may come up with!
Re: Real-time check/logging on which application gets launch
Posted: Wed Feb 04, 2004 12:18 am
by PB
> writing a simple logging wrapper for each exe is way too much work
I once tried making a wrapper from a VB example without much success.
Basically, you have to change the (Default) Registry value found here...
HKEY_CLASSES_ROOT\exefile\shell\open\command
...to point to your own exe instead, by giving it this value:
Chr(34)+MyExeDir$+"MyExe.exe"+Chr(34)+" "+Chr(34)+"%1"+Chr(34)+" %*"
For your reference, the (Default) value, if you need to change it back, is:
Chr(34)+"%1"+Chr(34)+" %*"
I only met with limited success with this, although the VB example is
supposed to work. I got busy with other projects and never got back
to this, so perhaps you can get it working. What it does is launch your
own exe whenever any exe is run, so then it's up to your exe to parse
the commandline and launch the other exe that the commandline gave.
Naturally you can do any logging first, before launching the other exe...
Posted: Wed Feb 04, 2004 9:28 am
by dell_jockey
Hi PB,
thanks for that idea. It's still something of a wrapper type of solution, but the advantage would be that I'd need to write only a single one. Also I have to test and see if applications that get launched from the cmd-shell are captured with this method as well.
My original question was focussed on finding an API function, that tells me what is going on. If such an API function indeed exists, I could write a callback that the OS calls every time this API function gets activated. I'd still like to find such a function, because in that case I'd have a way of having everything run as a local service.
Thanks again!
Posted: Fri Feb 06, 2004 2:59 pm
by Hi-Toro
If you were looking for NT-only, you could take a look at this, but the function provided for detecting processes launching requires some of the code to run as a driver apparently:
http://www.codeguru.com/system/ProcMon.html
Another option might be to search out the process enumeration code I posted on here a while ago (works on 9x and NT -- search for Process32First), in which case you could possibly compare the list of processes 'before and after', every 'x' milliseconds...
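Added example, not code from any poster in this thread: the "before and after" snapshot comparison suggested above, written in Python over constructed snapshots instead of live Process32First output. The names Proc, diff, launches, launches_pid_only and all sample values are assumptions made for illustration.

```python
from typing import Iterable, List, NamedTuple, Tuple

class Proc(NamedTuple):
    pid: int
    exe: str
    start: float  # process creation time in seconds (constructed values below)

def diff(before: Iterable[Proc], after: Iterable[Proc]) -> Tuple[List[Proc], List[Proc]]:
    """Return (started, exited) between two process snapshots."""
    # Key on (pid, start time): the OS reuses PIDs, so comparing bare PIDs
    # hides a new process that inherited the PID of one that just exited.
    old = {(p.pid, p.start): p for p in before}
    new = {(p.pid, p.start): p for p in after}
    started = sorted((new[k] for k in new.keys() - old.keys()), key=lambda p: p.start)
    exited = sorted((old[k] for k in old.keys() - new.keys()), key=lambda p: p.start)
    return started, exited

def launches(snapshots: List[List[Proc]]) -> List[Proc]:
    """Walk consecutive snapshots and collect every process seen starting."""
    # Limitation of polling: a process that starts and exits between two
    # snapshots never appears in either one and is not logged.
    seen: List[Proc] = []
    for before, after in zip(snapshots, snapshots[1:]):
        seen.extend(diff(before, after)[0])
    return seen

def launches_pid_only(snapshots: List[List[Proc]]) -> List[int]:
    """Naive variant for comparison: diffs bare PIDs only."""
    out: List[int] = []
    for before, after in zip(snapshots, snapshots[1:]):
        out.extend(sorted({p.pid for p in after} - {p.pid for p in before}))
    return out

# Constructed sample: three polls of a hypothetical workstation.
EXPLORER = Proc(1204, "explorer.exe", 100.0)
CMD = Proc(812, "cmd.exe", 105.0)
POLLS = [
    [EXPLORER, CMD],
    [EXPLORER, CMD, Proc(1500, "winword.exe", 110.2)],
    [EXPLORER, CMD, Proc(1500, "excel.exe", 111.7)],  # winword exited, PID reused
]

if __name__ == "__main__":
    for p in launches(POLLS):
        print(f"{p.start:8.1f}  pid={p.pid:<5} {p.exe}")
    print("pid-only diff saw PIDs:", launches_pid_only(POLLS))
```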
Posted: Sun Feb 08, 2004 3:23 pm
by dell_jockey
Hi James,
thanks a lot for that URL. Since I intend to deploy this utility as a service (NT upwards) it is relevant indeed.
Thanks again!